21723 matches found
GitLab CE/EE - Information Disclosure
GitLab CE/EE is susceptible to information disclosure. An attacker can access runner registration tokens using quick actions commands, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations. Affected versions are from 12.10 before 14.6.5,...
SonarQube - Authentication Bypass
SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. id: CVE-2020-27986 info: name: SonarQube - Authentication Bypass author: pikpikcu severity: high description: | SonarQube 8.4.2.36762 allows remote attackers to...
GitLab CI Lint API - Server-Side Request Forgery
GitLab 10.5 and later contain a server-side request forgery caused by insecure handling of webhook requests, letting unauthenticated attackers exploit the server for arbitrary requests, exploit requires sending crafted webhook requests. id: CVE-2021-22175 info: name: GitLab CI Lint API -...
GitLab Enterprise Edition - Server-Side Request Forgery
An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The Jira integration feature is vulnerable to an unauthenticated blind SSRF issue. id: CVE-2019-6793 info: name: GitLab Enterprise Edition - Server-Side Request Forgery author:...
CVE-2026-53714 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
GHSA-WCRF-9VRR-854F vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
CVE-2026-53716 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
CVE-2026-53715 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
CVE-2026-53717 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
CVE-2026-53719 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
CVE-2026-53718 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
GHSA-FCRP-7GC2-93G7 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
GHSA-H7PQ-86H8-RP5X vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
GHSA-M2V6-2JMH-4C68 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
GHSA-22XC-XG2R-9J7V vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
GHSA-CXPQ-8V7Q-CG56 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
GHSA-8FV2-88GG-HM7Q vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
CVE-2026-53713 vulnerabilities
Vulnerabilities for packages: datadog-agent, gitlab-operator-fips, gitlab-operator, tigera-operator, datadog-agent-fips, tigera-operator-fips...
Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure
GitLab CE and EE 13.4 through 13.6.2 is susceptible to Information disclosure via GraphQL. User email is visible. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2020-26413 info:...
Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting
Jenkins Gitlab Hook 1.4.2 and earlier does not escape project names in the buildnow endpoint, resulting in a reflected cross-site scripting vulnerability. id: CVE-2020-2096 info: name: Jenkins Gitlab Hook =1.4.3 to mitigate this vulnerability. reference: -...